369 results for “srivasta”
-
In the dynamic sphere of Information Technology, I find myself increasingly drawn to the 'less glamorous' aspect of stability. Here are a few instances that illustrate this preference:
The allure of a Linux distribution like Debian, which prioritizes core functionality and stability over making headlines with experimental features. It's heartening to see Debian providing a solid foundation for others to innovate upon.
The prudence in a software release cycle that's paced at six months, allowing for meticulous testing with multiple release candidates before an official launch. This approach often unveils well-architected software, even in its 'alpha' phase, whereas some 'production-ready' software necessitates frequent bug fixes.
The common narrative equates rapid releases with innovation. However, the more I explore this, the more I discern the pitfalls of such a fast-paced cycle. It not only burdens downstream stakeholders but also creates a ripple effect across the software supply chain, manifesting issues of a significant magnitude in our daily lives.
Imagine a near-future where daily updates become a norm for not just our computers and mobile phones, but extend to our cars 🚗, home appliances 🏡, and even farming equipment 🚜. Even if each update process is streamlined to a minute, the cumulative time and effort required could be substantial. (Now what if I tell you it's far closer than you can imagine?)
Are we truly prepared for such a hyper-connected, software-driven reality where updates are incessant?
Would love to hear your thoughts on how we might find a sweet spot between nurturing innovation and maintaining stability in our tech-driven world?
Hashtag soup:
#SoftwareDevelopment #ITIndustry #TechnologyTrends #Innovation #Stability #ReleaseManagement #SoftwareSupplyChain #softwareSecurity #informationSecurity #appsec #infosec -
India's first protest strategy incorporating 'drone photography' possibility
---
RT @srivatsayb
In a unique protest against CAA-NRC, Congress in Kerala along with our allies formed 'Human Maps of India' in 12 districts as a way of showcasing Unity in Diversity #IndiaAgainstCAA
https://twitter.com/srivatsayb/status/1222925233134301184 -
Hote Tak Reprise (Lyrics): Raghav Chaitanya | Shilpa Rao | Metro…In Dino | Pritam | Bhushan K
Presenting the Lyrical Video Song "Hote Tak - Reprise" from the film "Metro...In Dino". #MetroInDino #HoteTakReprise #RaghavChaitanya #ShilpaRao #Pritam ♪Full Song Available on♪ JioSaavn: Spotify: Apple Music: Gaana: Amazon Prime Music: YouTube Music: Audio Credits: Music: Pritam Singer: Raghav Chaitanya, Shilpa Rao Lyrics: Ghalib, Sandeep Shrivastava Music Label: T-Series…
-
Metro…In Dino (Side B): Das Haasil Sau Baaki (Audio) | Pritam | Raghav Chaitanya, Neeti M, Sandeep S
Presenting the Full Audio Song "Das Haasil Sau Baaki" from the movie "Metro...In Dino" #MetroInDino #DasHaasilSauBaaki #RaghavChaitanya #NeetiMohan #Pritam Audio Credits: Singer: Raghav Chaitanya, Neeti Mohan Music: Pritam Lyrics: Sandeep Shrivastava Music Label: T-Series Film Credits: A Film By: Anurag Basu Produced By: Bhushan Kumar, Krishan Kumar, Anurag Basu, Taani…
-
No FIR + No Arrest
❌Anurag Thakur
❌Kapil Mishra
❌Parvesh Verma
❌Komal Sharma
UAPA + Arrested
✅Safoora Zargar
✅MeeranHaider
✅ShifaRehman
✅Asif Iqbal
Jamia students are facing endless harassment from BJP for anti-CAA protests
They will emerge stronger👊 #StandWithJamia
🐦🔗: https://twitter.com/srivatsayb/status/1264206810686185472
-
Everyone's suddenly calling dependency cooldown the grand solution to software supply chain attacks. It isn't.
Cooldown helps only if the malicious payload is discovered, reported, and fixed during your cooldown window. Its success depends on someone else getting hit first, investigating first, reporting first, and cleaning up before your timer expires.
I'd call that outsourced blast absorption.
There's a flip side. If the update contains a security fix, cooldown keeps you vulnerable longer. The same control that might protect you from a fresh malicious release can delay exposure reduction for a known CVE.
A bigger problem: most dependency ecosystems don't give consumers a security-fix-only path. You can't say "just give me the patch, leave the rest unchanged." You get a new version - fix plus feature changes, dependency changes, build changes, maintainer changes, behavior changes. The security fix is bundled into a broader trust decision.
We already had discipline for this:
- Use latest minus one
- Let the world test first
- Adopt stabilized releases
- Maintain stable and current branches
- Stage rollouts
- Avoid blind auto-upgrades
Debian is the example I keep coming back to. Maintainers separate security fixes from feature changes. "Newer" isn't automatically "better." There's a security update path, gatekeeping, human review - someone actively separating urgent fixes from feature churn before anything ships into stable.
Modern registry automation treats the package version as the unit of trust. Debian-style maintenance treats the fix, the package, the branch, and the stability promise as separate concerns.
Whenever I bring up Debian, all I hear is: ancient, slow-moving, dinosaurs, unsuitable for modern software velocity.
We threw that discipline away because we wanted faster shipping, less maintenance overhead, fewer release branches, and more automation pretending to be engineering judgment. Now the same industry has rediscovered delayed adoption, cooldown windows, stable channels, and staged rollouts - as if it were a brave new supply chain insight.
The missing part: delayed adoption without review is still automation all the way down. A timer does not replace a maintainer. A cooldown window does not replace a security team. Waiting does not magically convert an unsafe package into a safe one.
Sometimes the delay exists because someone is looking. That human gatekeeping is itself a deterrent. Attackers prefer ecosystems where publishing is instant, adoption is automatic, and nobody has to justify why a change should enter stable systems.
Dependency cooldown is useful as one control in a broader system. You still need package review, lockfiles, internal mirrors, emergency bypasses for security fixes, runtime detection, registry monitoring, dependency inventory, and actual thinking.
Used alone, dependency cooldown is delayed trust.
And delayed trust is still trust.
-
Introducing the 2ft Shiva Meditation Statue, a beautifully handcrafted piece that captures the divine serenity and profound stillness of Lord Shiva in his meditative posture.
https://www.thestonestudio.in/product/2ft-shiva-meditation-statue/
Explore more handcrafted spiritual sculptures:
www.thestonestudio.in
#ShivaMeditation #ShivaStatue #DivineDecor #SpiritualArt #HandcraftedSculptures #HomeTempleDecor #SacredSpace #MeditationDecor #TheStoneStudio #LordShiva
-
#CAA_NRC_Protests
---
RT @[email protected]
Successful protest against CAA and NRC in Basavakalyan town of Bidar (Karnataka) @SabinaBasha @srivatsayb @LavanyaBallal thousands of women came to resist this unconstitutional bill... #NoCAANoNRC #JNUProtest
https://twitter.com/resist_rage/status/1214865590537445376 -
A new article is live on Cyfinoid Research:
AppSec in the New Security Cost Model
https://cyfinoid.com/appsec-in-the-new-security-cost-model/
The core argument is simple. AppSec is still reacting to AI by improving the vulnerability queue. Better reachability, exploitability scoring, CVE enrichment, and prioritization help, but they were designed around an older cost model.
AI changes attacker iteration cost. The defender bottleneck is increasingly verification capacity.
Can we safely validate, fix, test, deploy, and monitor changes at the required pace?
That changes how we should think about AppSec programs. Smaller stacks matter. Attack surface reduction matters. Bug-class elimination matters. Compensating controls need expiry and replacement plans. Test coverage becomes a security capability. Safe remediation throughput becomes a useful metric.
I also connect this to Goldratt’s Theory of Constraints and the SaaS vs in-house ownership tradeoff, especially for SMBs.
The question is no longer only which vulnerability should be fixed first. The question is how much verified remediation an organization can safely produce.
-
I was tired of switching the environment variables to make ollama connect to the right machine. https://github.com/anantshri/script-collection/blob/master/Shell/ollama script now does that for me in one shot. I interact with the ollama command, it intelligently picks the server in order of availability.
-
Discover Fedi Wrap, the easy tool for generating your year in review report from fediverse mastodon api compatible servers, prioritizing privacy and local analysis.
Live Details : https://anantshri.github.io/fedi-wrap
Source Code : https://github.com/anantshri/fedi-wrap/
Blog post : https://blog.anantshri.info/building-fedi-wrap-my-year-in-review-for-the-fediverse/
#fediverse #gotosocial #mastodon #yearwrap #wraped2025 -
Building Fedi Wrap: My Year in Review for the Fediverse
As we approach the end of 2025, like a trained goat, I am collecting year end reviews from every SaaS service that will hand me one. Somewhere in that pile I realized I do a fair bit of posting on the Fediverse, so off I went looking for my own wrapped.
Corporate platforms have turned “wrapped” into a feature and also a business model. I am on the Fediverse for the opposite reason, but I still wanted the fun part.
So I built Fedi Wrap: a local first tool that generates a year in review report for Mastodon compatible Fediverse servers.
I wanted a year in review, not a JSON endurance test.
Repo: https://github.com/anantshri/fedi-wrap
Why I built it
There are already Mastodon wrapped tools, but many assume your instance exposes posts over the API without authentication.
That breaks the moment you move beyond common Mastodon defaults. I use GoToSocial. It is Mastodon compatible, but it leans harder into privacy and security. Many setups require authentication to access timelines and statuses. Unauthenticated “wrapped” tools simply cannot see your posts.
So the problem was simple.
How do you generate a year in review when your instance is doing the right thing and not handing data to anonymous requests?
Fedi Wrap is my answer: fetch with auth, analyze locally, output a single report.
What it does
Fedi Wrap is a bash script that:
- Fetches posts for a chosen year using toot (so auth is handled by the CLI)
- Runs analysis locally using jq
- Generates a self contained HTML report you can archive and open offline
The report includes:
- Total posts, boosts, replies
- Monthly, weekly, hourly patterns
- Longest posting streak
- A simple engagement score
- Top posts by engagement
- Activity calendar
- Fun labels like posting persona and chronotype
Optional local AI insights
If you want it, Fedi Wrap can use a local LLM via Ollama to generate:
- A narrative summary of your year
- Recurring topics
- Vibe and persona style descriptions
AI is optional. Everything runs on your machine.
I like AI more when it does not eat my data.
To keep results grounded, the AI flow is multi pass: analyze chunks first, then synthesize.
The stack
Core:
- bash
- jq
- toot (for fetching)
- curl
Optional:
- ollama
No Node. No containers. No build pipeline. Boring on purpose.
Screenshots
hero section, ai personas, ai facts, stats, trends, graphs
Get it here
Live Details : https://anantshri.github.io/fedi-wrap
Source Code : https://github.com/anantshri/fedi-wrap/
#Fediverse #yearWrap
-
Day 1 of #BlackHatUSA2024
I am around the BlackHat area connecting with old friends and making new friends.
Feel free to connect, highly interested in discussions around mobile, cloud, and supply chain security.
-
To me this #AatmNirbharBharat package is nothing more than 85% of the Fare that centre claimed to be paying for Migrants. A #Jumla on paper for Propaganda, but nothing for the poor.
---
RT @srivatsayb
PM Modi had promised
🔸2 crore jobs/yr
🔸10% GDP growth rate
🔸100 Smart Cities
🔸100 Lakh crore for Infra
🔸$5 Trillion economy
🔸Bullet Train
🔸No Black Money
Now a ₹20 Lakh Cr Package. In 2022, he will 'announce' another package.
If u still…
https://twitter.com/srivatsayb/status/1260423318760456192 -
#MunawarFaruqui was jailed for a month for a joke he never said
Munawar can't perform though he has a censor certificate & SC allows him to work
These cops haven't caught one person behind 'Sulli Deals'. But are behind Munawar for no reason!
New India = Fascist Banana Republic
🐦🔗: https://twitter.com/srivatsayb/status/1464897149980712964
-
A personal reflection on leadership shaped by principles, not playbooks. From shielding teams to stepping back during celebrations, these quiet lessons explore what it means to lead without chasing the spotlight.
-
 Introducing KeyChecker – a CLI to fingerprint SSH private keys & map them to Git hosting accounts.
We have been talking about this in our classes for a long while, finally automation is present now.
Blog: https://cyfinoid.com/automating-a-known-weakness-introducing-keychecker/
PyPI: https://pypi.org/project/keychecker/ -
And here is the whole episode.
Dark tourism destinations are marked by death, horror, suffering or catastrophe.
Romania's Dracula tourism is based on the fictional vampire count and Vlad the Impaler.
Image: AOP
-
They were busy planning mosque demolition
---
RT @[email protected]
FACTS
🔸BJP was in power with VP Singh in 1989, J&K under Presidents Rule
🔸BJP leader Jagmohan, Minister under Vajpayee, was Governor of J&K
🔸Jagmohan was given Padma Vibhushan by Modi in 2016
Why didn't BJP take action in 1989 for #KashmiriPandits?
#Justice4KashmiriHindus
https://twitter.com/srivatsayb/status/1218780288630718464 -
Textielfestival challenge week 39
And another new week in the #TextielFestivalChallege of #Textielfestival26. This week's theme was 'knots'. I embroidered a Celtic knot with some dubious (Celtic) green embroidery thread from the thrift shop. At least, I say Celtic knot, because I got it from a site with Celtic stuff, but when I search further it seems more like a Buddhist symbol, the endless knot or srivatsa.
https://demaakbarewereld.wordpress.com/2025/10/06/textielfestival-challenge-week-39/
-
Bhadke Aag Judai Ki With Lyrics | Bade Dilwala #GoldminesGaaneSuneAnsune #90sHitSongs #SunielShetty
Song:- Bhadke Aag Judai Ki Singer(s):- Jaspinder Narula Movie:- Bade Dilwala (1999) Music Director:- Aadesh Shrivastava Lyricist:- Qatil Shifai #GoldminesGaaneSuneAnsune #90sHitSongs #SunielShetty #PriyaGill #JaspinderNarula #BadeDilwala #oldsongshindi Lyrics:- Bhadke Aag Judai Ki Bhadke Aag Judai Ki To Jal Jaye Gulbute Rab Ruthe To Ruthe Kisi Ka Yaar Kabhi Na Ruthe Rab…
-
Mujhe Aisa Ladka Chahiye Lyrics
Song:- Mujhe Aisa Ladka Chahiye Singer(s):- Alka Yagnik Movie:- Bade Dilwala (1999) Music Director:- Aadesh Shrivastava Lyrics:- Qatil Shifai #GoldminesGaaneSuneAnsune #SunielShetty #PriyaGill #UditNarayan #AlkaYagnik #BadeDilwala #OldSongs Lyrics:- Mujhe Aisa Ladka Chahiye Jo Mujh Se Itna Pyar Kare Mujhe Aisa Ladka Chahiye Jo Mujh Se Itna Pyar Kare Ki Mai Khushi Ke Mare Mar Jau Mujhe Aisa Ladka Chahiye Jo Mujh Se Itna Pyar Kare…
-
Dupatte Ka Pallu HD | Tarkieb (2000) | Shilpa Shetty, Nana Patekar, Ashutosh Rana | Richa Sharma
Song:- Dupatte Ka Pallu Singer(s):- Richa Sharma Movie:- Tarkieb (2000) Music Director:-Aadesh Shrivastava Lyricist: Nida Fazli #GoldminesGaaneSuneAnsune #ShilpaShetty #NanaPatekar #RichaSharma #Tarkieb #OldSongs #DanceSongs Lyrics:- Jawani Ka Aalam Bada Bekhabar Hai Dupatte Ka Pallu Kidhar Ka Kidhar Hai Kahi Hai Chunariya Kahi Pe Kamar Hai Kahi Hai Chunariya Kahi Pe Kamar Hai…